⚠️ WARNING: Fake OpenClaw Site Delivering ScreenConnect RAT — Discord Users Targeted

⚠️ SECURITY WARNING — ACTIVE THREAT
A fake OpenClaw site is being shared in Discord servers. It installs a Remote Access Trojan (RAT) that gives attackers full control of your machine. Do not visit, download from, or run anything from the sites listed in this post.

On 2026-04-26 I identified an active phishing and RAT delivery campaign impersonating OpenClaw — a legitimate AI assistant project. The campaign is being distributed through Discord, directing users to a convincing clone of the official OpenClaw website that silently delivers a ScreenConnect Remote Access Trojan.


What Is OpenClaw?

OpenClaw (openclaw.ai) is a real, legitimate open-source AI assistant project. The attackers chose it as their lure because it is a developer-friendly tool — its target audience is exactly the kind of person who would run a curl | bash installer without a second thought.

The Fake Discord "bot"

A Discord user impersonating the OpenClaw bot Krill DMs users offering help. Unfortunately I lost their User ID while trying to figure out what was going on.

The Fake Site

The malicious site is hosted at:

hxxps://openclaw-ai[.]replit[.]app/

It is not the real OpenClaw site. The real site is openclaw[.]ai. The fake site is a near-perfect visual clone — same branding, logo, testimonials, and features. It even displays the real openclaw.ai curl command in the Quick Start section to appear legitimate:

curl -fsSL https://openclaw[.]ai/install.sh | bash   ← real command, shown to build trust

The OS-specific download buttons all point to a ScreenConnect RAT. The HTML <title> was accidentally left as "Remote Access" — the attacker's own name for the tool.
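
The two tells described above (a page title that does not match the branding, and "download" buttons whose installer links leave the site for a third-party host) can be checked mechanically against a saved copy of a suspect page. The following is an added example, not code from the post or from the OpenClaw project; the HTML it inspects is constructed to mirror what the post describes and is not the fake site's captured source. The host and installer URLs in the sample are the post's own IOCs, refanged so the parser sees real hostnames.

```python
"""Inspect a saved landing page for installer links that leave the site and for a
<title> that does not mention the brand the page claims to be.

Added example for this advisory. SAMPLE_HTML is constructed from the post's
description, not captured from the fake site."""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page: real curl command shown for trust, but the OS download
# buttons point at a ScreenConnect tenant and the title was left as "Remote Access".
SAMPLE_HTML = """
<html><head><title>Remote Access</title></head>
<body>
<h1>OpenClaw</h1>
<pre>curl -fsSL https://openclaw.ai/install.sh | bash</pre>
<a href="https://urbarnturboproperty.screenconnect.com/Bin/ScreenConnect.ClientSetup.exe?e=Access&amp;y=Guest">Windows</a>
<a href="https://urbarnturboproperty.screenconnect.com/Bin/ScreenConnect.ClientSetup.pkg?e=Access&amp;y=Guest">macOS</a>
<a href="/docs">Docs</a>
</body></html>
"""

INSTALLER_EXT = (".exe", ".msi", ".pkg", ".deb", ".rpm", ".dmg")


class _LinkTitleParser(HTMLParser):
    """Collects the <title> text and every <a href> on the page."""

    def __init__(self):
        super().__init__()
        self.title = ""
        self.hrefs = []
        self._in_title = False

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._in_title = True
        elif tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False

    def handle_data(self, data):
        if self._in_title:
            self.title += data


def inspect_page(html, page_host, brand):
    """Return a list of findings; an empty list means neither tell was present.

    page_host: the host the page was served from (what the address bar showed).
    brand:     the project name the page claims to represent."""
    parser = _LinkTitleParser()
    parser.feed(html)
    findings = []

    title = parser.title.strip()
    if brand.lower() not in title.lower():
        findings.append(f"title '{title}' does not mention {brand}")

    for href in parser.hrefs:
        url = urlparse(href)
        if not url.netloc:
            continue  # relative link: stays on the page's own host
        if url.path.lower().endswith(INSTALLER_EXT) and url.netloc.lower() != page_host.lower():
            findings.append(f"installer link leaves site: {url.netloc}{url.path}")
    return findings


if __name__ == "__main__":
    for finding in inspect_page(SAMPLE_HTML, "openclaw-ai.replit.app", "OpenClaw"):
        print("FINDING:", finding)
```

The installer-extension list and the brand check are heuristics: a legitimate project that hosts its binaries on a release CDN would also trigger the "leaves site" finding, so treat the output as a prompt for a closer look rather than a verdict.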

Screenshots of the Fake Site (Archived 2026-04-26)

Do not visit. Captured for forensic reference only.


frame1.jpg — Hero section: fake OpenClaw branding, logo, testimonials,
and "OpenClaw Partners with Vaultbot for SIM Security" badge

frame3.jpg — Integration list (Discord, Telegram, Slack) and community showcase, all cloned from real site

frame5.jpg — Bottom footer. Note "Independent project, not affiliated with Anthropic." Page title is "Remote Access"

The RAT: ScreenConnect (ConnectWise Control)

ScreenConnect is a legitimate remote desktop product frequently abused by threat actors: it installs as a persistent service that survives reboots, gives full remote desktop and file system access, and is often not flagged by antivirus. The attacker's tenant at urbarnturboproperty[.]screenconnect[.]com receives a connection the moment any download button is clicked and the installer runs.


Indicators of Compromise (IOCs)

All IOCs are DEFANGED. Replace [.] with . and hxxps with https in security tooling only.

Domains

openclaw-ai[.]replit[.]app
urbarnturboproperty[.]screenconnect[.]com

IP Addresses

40[.]160[.]26[.]157  (OVH: server-ovh30010027-web.screenconnect.com)

Malicious URLs

hxxps://openclaw-ai[.]replit[.]app/
hxxps://openclaw-ai[.]replit[.]app/install
hxxps://urbarnturboproperty[.]screenconnect[.]com/Bin/ScreenConnect.ClientSetup.exe?e=Access&y=Guest
hxxps://urbarnturboproperty[.]screenconnect[.]com/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest
hxxps://urbarnturboproperty[.]screenconnect[.]com/Bin/ScreenConnect.ClientSetup.pkg?e=Access&y=Guest
hxxps://urbarnturboproperty[.]screenconnect[.]com/Bin/ScreenConnect.ClientSetup.deb?e=Access&y=Guest
hxxps://urbarnturboproperty[.]screenconnect[.]com/Bin/ScreenConnect.ClientSetup.rpm?e=Access&y=Guest

File Names

ScreenConnect.ClientSetup.exe  (Windows EXE)
ScreenConnect.ClientSetup.msi  (Windows MSI)
ScreenConnect.ClientSetup.pkg  (macOS)
ScreenConnect.ClientSetup.deb  (Linux Debian/Ubuntu)
ScreenConnect.ClientSetup.rpm  (Linux RHEL/Fedora)

JS Bundle

hxxps://openclaw-ai[.]replit[.]app/assets/index-qi0BRuPc.js

HTML Artifact

<title>Remote Access</title>  ← attacker's working title left in page source
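
To make the IOC list above directly usable, here is an added example (not the post's own tooling) that refangs the defanged domains and IP, then matches them against proxy and DNS log lines. The log lines are constructed for this example. It also goes one step beyond the post's specific tenant: the regex flags any ScreenConnect cloud tenant serving a client installer from the /Bin/ScreenConnect.ClientSetup.* path, which is the same download shape shown in the Malicious URLs list.

```python
"""Refang the advisory's IOCs and scan log lines for them.

Added example for this advisory; SAMPLE_LOGS are constructed, not real traffic."""
import re

# Defanged exactly as published in the post.
DEFANGED_IOCS = {
    "domains": [
        "openclaw-ai[.]replit[.]app",
        "urbarnturboproperty[.]screenconnect[.]com",
    ],
    "ips": ["40[.]160[.]26[.]157"],
}

# Generalisation beyond the post's single tenant: any ScreenConnect cloud tenant's
# client-installer download, regardless of the tenant name.
CLIENT_SETUP_RE = re.compile(
    r"screenconnect\.com/Bin/ScreenConnect\.ClientSetup\.(exe|msi|pkg|deb|rpm)", re.I
)

# Constructed proxy/DNS lines in a simple "timestamp source client verb target status" shape.
SAMPLE_LOGS = [
    "2026-04-26T10:01:12Z proxy 10.0.0.21 GET https://openclaw.ai/install.sh 200",
    "2026-04-26T10:03:40Z proxy 10.0.0.21 GET https://openclaw-ai.replit.app/ 200",
    "2026-04-26T10:04:02Z proxy 10.0.0.21 GET https://urbarnturboproperty.screenconnect.com/Bin/ScreenConnect.ClientSetup.exe?e=Access&y=Guest 200",
    "2026-04-26T10:04:05Z dns 10.0.0.21 A urbarnturboproperty.screenconnect.com -> 40.160.26.157",
    "2026-04-26T10:09:33Z proxy 10.0.0.22 GET https://example.org/ 200",
]


def refang(indicator):
    """Turn the post's defanged form back into a matchable string."""
    return (
        indicator.replace("[.]", ".")
        .replace("hxxps://", "https://")
        .replace("hxxp://", "http://")
    )


def scan_line(line, iocs):
    """Return a list of (kind, value) hits for one log line."""
    hits = []
    lower = line.lower()
    for domain in iocs["domains"]:
        if domain in lower:
            hits.append(("domain", domain))
    for ip in iocs["ips"]:
        # Anchor on non-digit/non-dot boundaries so 40.160.26.157 does not match 140.160.26.1570.
        if re.search(r"(?<![\d.])" + re.escape(ip) + r"(?![\d.])", line):
            hits.append(("ip", ip))
    if CLIENT_SETUP_RE.search(line):
        hits.append(("pattern", "ScreenConnect client installer download"))
    return hits


def scan_logs(lines, defanged=DEFANGED_IOCS):
    """Return [(line_index, hits)] for every line with at least one hit."""
    iocs = {kind: [refang(v).lower() for v in values] for kind, values in defanged.items()}
    results = []
    for index, line in enumerate(lines):
        hits = scan_line(line, iocs)
        if hits:
            results.append((index, hits))
    return results


if __name__ == "__main__":
    for index, hits in scan_logs(SAMPLE_LOGS):
        print(f"line {index}: {hits}")
```

The generic installer pattern will also fire on legitimate ScreenConnect use inside an organisation that licenses it, so pair it with an allow-list of your own tenant names before alerting on it.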

Attack Chain

  1. Discord delivery — Fake account posts the fake site link in Discord servers
  2. Trust establishment — Site clones real openclaw.ai and shows real curl command
  3. RAT delivery — Victim clicks OS download button, receives ScreenConnect pre-pointed at attacker's tenant
  4. Persistent access — ScreenConnect installs as a system service, survives reboots
  5. Exfiltration — Credentials, SSH keys, tokens, wallets, files all accessible to attacker

If You Installed Anything From This Site

  1. Disconnect from the network immediately
  2. Find and remove ScreenConnect: Windows → Services / Add or Remove Programs; macOS → launchctl list | grep -i screen; Linux → systemctl list-units | grep -i screen
  3. Rotate all credentials: passwords, SSH keys, API tokens, AWS/GCP/Azure creds, GitHub tokens, crypto seed phrases
  4. Assume browser-saved passwords are compromised
  5. Consider full OS reinstall for sensitive machines

Verify the Real OpenClaw

  • Official site: openclaw[.]ai only — not any replit.app URL
  • Install script: openclaw[.]ai/install.sh only
  • Always verify the domain in your browser address bar before running any installer

For Discord Admins

  • Block and report accounts sharing openclaw-ai[.]replit[.]app
  • Add domain to AutoMod blocked links list
  • Report the Replit app at replit.com/report

Analysis: 2026-04-26. ScreenConnect tenant live at time of publication. All URLs DEFANGED.

— Igor Guarisma / guarismo.net
